COMODO - Anti-ARP spoofing attack - What is it?

Status
Not open for further replies.

aliali

Level 2
Thread author
Verified
Sep 7, 2016
76
What is ARP SPOOFING?

ARP.PNG
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
  • Enable anti-ARP spoofing - A gratuitous Address Resolution Protocol (ARP) frame is an ARP Reply that is broadcast to all machines in a network and is not in response to any ARP Request. When an ARP Reply is broadcast, all hosts are required to update their local ARP caches, whether or not the ARP Reply was in response to an ARP Request they had issued. Gratuitous ARP frames are important as they update your machine's ARP cache whenever there is a change to another machine on the network (for example, if a network card is replaced in a machine on the network, then a gratuitous ARP frame informs your machine of this change and requests to update your ARP cache so that data can be correctly routed). However, while ARP calls might be relevant to an ever shifting office network comprising many machines that need to keep each other updated , it is of far less relevance to, say, a single computer in your home network. Enabling this setting helps to block such requests - protecting the ARP cache from potentially malicious updates (Default = Disabled).

From here
Firewall Behavior Settings, PC Firewall, Firewall Protection | Internet Security v6.2
 

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
If you are networked, I would leave it disabled, if you are not, enabled it, it does prevent data frames attacks, someone stopping and modifying your network.

o_O how the hell did I do that, been hanging out too much at MT and with Mr. Penguin, SHvFI, frogboy, and tim one.
 

bunchuu

Level 8
Verified
Well-known
Mar 17, 2015
370
ARP spoofing is technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead. credit to wikipedia

However, did your ever heard about netcut? It is free utility to deny wifi/Wlan access through ARP spoofing method. So basically, comodo will protect you from people who use netcut (or similar method) to dominate your router. :)
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top